<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

/**
 * Description of LeoDatabaseHelper
 *
 * @author Rene
 */
class LeoDatabaseHelper 
{
    public static function getLeos(DB_UTIL $dbUtil)
    {
        if(Security::getLeoHasRecht("LEO_RO", $dbUtil) || 
           Security::getLeoHasRecht("LEO_RW", $dbUtil))
        {	
            $result = array();

            $sql = "SELECT id, 
                           nachname, 
                           vorname 
                    FROM leo";

            $dbResult = $dbUtil->ExecSql($sql);

            if(isset($dbResult) && $dbResult != false && mysql_num_rows($dbResult))
            {
                while($row = mysql_fetch_assoc($dbResult))
                {
                    $result[] = $row;
                }
            }

            return $result;
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to access LEOS.');
        }
    }
    
    
     public static function getLeosFull(DB_UTIL $dbUtil)
    {
        if(Security::getLeoHasRecht("LEO_RO", $dbUtil) || 
           Security::getLeoHasRecht("LEO_RW", $dbUtil))
        {	
            $result = array();

            $sql = "SELECT * 
                    FROM leo";

            $dbResult = $dbUtil->ExecSql($sql);

            if(isset($dbResult) && $dbResult != false && mysql_num_rows($dbResult))
            {
                while($row = mysql_fetch_assoc($dbResult))
                {
                    $result[] = LEO::getLeoFromString($row);
                }
            }

            return $result;
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to access LEOS.');
        }
    }
    
    
    public static function getLeoByID(DB_UTIL $dbUtil, $id)
    {
        if(Security::getLeoHasRecht("LEO_RO", $dbUtil) || 
           Security::getLeoHasRecht("LEO_RW", $dbUtil))
        {	                    
            $sql = "SELECT *
                    FROM leo 
                    WHERE id = $id";

            $dbResult = $dbUtil->ExecSql($sql);
            
            if(isset($dbResult) && $dbResult != false && mysql_num_rows($dbResult))
            {
                while($row = mysql_fetch_assoc($dbResult))
                {
                    return LEO::getLeoFromString($row);
                }
            }
            else
            {
                header('HTTP/1.0 404 Not Found');
                die('LEO not found');
            }
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to access LEOS.');
        }
    }

    public static function DeleteLeoByID(DB_UTIL $dbUtil, $id)
    {
        if(Security::getLeoHasRecht("LEO_RW", $dbUtil))
        {	
            $result = null;
            
            $sql = "DELETE
                    FROM leo
                    WHERE id = $id;";
            
            $dbResult = $dbUtil->ExecSqlLocked($sql);
                        
            if(!$dbResult)
            {
                header('HTTP/1.0 404 Not Found');
                die('LEO not found');
            }

            return $result;
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to access LEOS.');
        }
    }
    
    
    public static function updateLeo($id, DB_UTIL $dbUtil, \Slim\Slim $app)
    {
        if(Security::getLeoHasRecht('LEO_RW', $dbUtil))
        {
            $json = json_decode($app->request()->getBody(), true);
      
            $leo = LEO::getLeoFromString($json);
                        
            $password = null;
            if(isset($json["password"]))
                $password = $json["password"];
            
            $gcm = null;
            if(isset($json["gcm"]))
                $gcm = $json["gcm"];
            
            $sql = $leo->GetUpdateString($id, $password, $gcm);
            
            if(!$sql)
            {
                header('HTTP/1.0 400 Bad Request');
                die('LEO not found');
            }
            
            $result = $dbUtil->ExecSqlLocked($sql, "WRITE");
            
            if(!$result)
            {
                header('HTTP/1.0 404 Not Found');
                die('LEO not found');
            }
            else
            {
                return LeoDatabaseHelper::getLeoByID($dbUtil, $id);
            }
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to write LEOS.');
        }
    }
    
    
    public static function createLeo(DB_UTIL $dbUtil, \Slim\Slim $app)
    {
        if(Security::getLeoHasRecht('LEO_RW', $dbUtil))
        {
            $json = json_decode($app->request()->getBody(), true);
            
            $leo = LEO::getLeoFromString($json);
            
            $sql = $leo->GetInsertString();
            
            if(!$sql)
            {
                header('HTTP/1.0 400 Bad Request');
                die('Sql Leer');
            }
            
            $result = $dbUtil->InsertLocked($sql, "WRITE");
            
            if(!$result)
            {
                header('HTTP/1.0 400 Bad Request');
                die('Anfrage war Falsch');
            }

            header('HTTP/1.0 201 Created');                
            return LeoDatabaseHelper::getLeoByID($dbUtil, $result);
        }
        else
        {
            header('HTTP/1.0 403 Forbidden');
            die('You are not allowed to write LEOS.');
        }
    }
}

?>
